Jump to content


  • Posts

  • Joined

  • Days Won

  • Donations

    0.00 USD 

Everything posted by JFX

  1. It's just a problem with settings app. It properly tries to communicate with Defender and does not get any respond.
  2. Yes, Windows 10 2015 version already uses a 16 MB partition.
  3. Because older Windows versions used a 128 MB MSR partition. The default unattend and diskpart scripts should work for all OS, but you are free to edit them or add your own.
  4. No, <ProductKey> is not supported with WinNTSetup's direct WIM apply. Maybe you can use FirstLogonCommands to run: slmgr /ipk M7XTQ-FN8P6-TTKYV-9D4CC-J462D
  5. I think you can do this. The error your xml generates is very clear.
  6. @xiaoyue it does work as expected, ignored by older Windows versions, and converted to registry by newer ones.
  7. Adding dark mode for current Windows 10/11 builds, was already several month of work. I don't do this for deprecated windows versions. As for your mistakes: 1) It now longer loads ADK, if the current windows don't needed it. 2) Version display was removed, because some people carelessly updated and just broke supported OS versions, for no reason. 3) That's wanted, looking more current system conform. Re-uploaded, you now can disable these 3 options in WinNTSetup.ini. [Options] NoDownload=0 ShowEngineVersion=1 NewIcons=0
  8. WinNTSetup - fixed language file creation failed with 5.3.5 - fixed capture of mounted VMware disks - added support for multi language WIM files
  9. That's because vmware mounts in the user session and WinNTSetup now uses TrustedInstaller for WIM operations. You can get back old behavior by adding this to WinNTSetup.ini [WimHost] RunAsTI=0 However VMware did removed the buggy disk mapping in version 17, so maybe better to mount the VDMK with OFSMount. This allow you to mount as physical disk and the capture won't have problems with special files like WIMBoot pointer files.
  10. File permission are changed for MinWin by default, so Admin users have full access to the entire file system. Profile\Options.ini --> options --> AdminAccess To use modified *.inf files, drvinst.exe need to be patched. you can remove signature check of inf files with: WinNTSetup_x64.exe drvinstpatch
  11. Just add this to your unattend.xml --> oobsystem. <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" language="neutral" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" publicKeyToken="31bf3856ad364e35" versionScope="nonSxS"> <PreventDeviceEncryption>true</PreventDeviceEncryption> </component> If you want to keep most of the WinSxS folder than delete WinSxS.ini. Without it you black\white list WinSxS files like all other in the Remove folder.
  12. That's because it is part of Windows 10/11. But old systems and WinPE are missing it.
  13. I forgot offreg.dll again, re-uploaded.
  14. WinNTSetup 5.3.5 - removed redudant code, WimHost options removed - updated wimlib to version 1.14.4 - enforce modded wimlib - HideProductKeys option defaults to 1 - minwim crash fixed - minwim speed improved - minwim extended log files - fixed WinRE GUI bugs - fixed crash installing WinXP
  15. Listviews group header text color is back to dark blue on dark mode. Was good with SAB 3.7.3.
  16. @dimo70 You can't disable defender while the system is still running, it does protect it self.
  17. No sure if you still can disable defender online. This should work from WinPE/WinRE. Another Windows would need to run it with TrustedInstaller rights. Defender.cmd reg load HKLM\SOFT C:\Windows\System32\config\software reg load HKLM\SYS C:\Windows\System32\config\system reg import Defender.reg reg unload HKLM\SOFT reg unload HKLM\SYS Defender.reg Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFT\Microsoft\Windows\CurrentVersion\Run] "SecurityHealth"=- [HKEY_LOCAL_MACHINE\SOFT\Microsoft\Windows\CurrentVersion\Explorer] "SmartScreenEnabled"="Off" [HKEY_LOCAL_MACHINE\SOFT\Microsoft\Windows Defender] "DisableAntiSpyware"=dword:00000001 "DisableAntiVirus"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFT\Microsoft\Windows Defender\Features] "TamperProtection"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFT\Microsoft\Windows Defender\Real-Time Protection] "DisableRealtimeMonitoring"=dword:00000001 "DisableAntiSpywareRealtimeProtection"=dword:00000001 "DpaDisabled"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFT\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpCmdRun.exe] "Debugger"="NUL" [HKEY_LOCAL_MACHINE\SOFT\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MsMpEng.exe] "Debugger"="NUL" [HKEY_LOCAL_MACHINE\SOFT\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smartscreen.exe] "Debugger"="NUL" [HKEY_LOCAL_MACHINE\SOFT\Policies\Microsoft\Windows\System] "EnableSmartScreen"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFT\Policies\Microsoft\Windows Defender] "DisableAntiSpyware"=dword:00000001 "DisableAntiVirus"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFT\Policies\Microsoft\Windows Defender\SmartScreen] "ConfigureAppInstallControlEnabled"=dword:00000001 "ConfigureAppInstallControl"=dword:00000001 [HKEY_LOCAL_MACHINE\SYS\ControlSet001\Control\CI\Policy] "VerifiedAndReputablePolicyState"=dword:00000000 [HKEY_LOCAL_MACHINE\SYS\ControlSet001\Services\SecurityHealthService] "Start"=dword:00000000 [HKEY_LOCAL_MACHINE\SYS\ControlSet001\Services\WinDefend] "Start"=dword:00000004 P.S: Not sure why I set SecurityHealthService to autostart, either there was a problem with disabling or it's a typo.
  18. Nope, I can recall something like this happend to me, first time trying this on some windows 10 or 11 build.
  19. It does a bit more than just setting IFEO Debuggers. If Tweaks_NT6_Array(#Tweaks_NT6_Disbale_Defender, 1) If *Z\Build > 10100 ORSetDword(*Z\SftHive, "Policies\Microsoft\Windows Defender", "DisableAntiSpyware", 1) ORSetDword(*Z\SftHive, "Policies\Microsoft\Windows Defender", "DisableAntiVirus", 1) ORSetString(*Z\SftHive, "Microsoft\Windows\CurrentVersion\Explorer", "SmartScreenEnabled", "Off") ORSetDword(*Z\SftHive, "Policies\Microsoft\Windows\System", "EnableSmartScreen", 0) ORSetDword(*Z\SftHive, "Policies\Microsoft\Windows Defender\SmartScreen", "ConfigureAppInstallControlEnabled", 1) ORSetDword(*Z\SftHive, "Policies\Microsoft\Windows Defender\SmartScreen", "ConfigureAppInstallControl", 1) ORSetDword_USClasses(*Z, *Z\Usr_Classes_Hive, "Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\PhishingFilter", "EnabledV9", 0) ORSetDword_US(*Z, "Software\Microsoft\Windows\CurrentVersion\AppHost", "EnableWebContentEvaluation", 0) EndIf ORSetDword(*Z\SftHive, "Microsoft\Windows Defender\Real-Time Protection", "DisableRealtimeMonitoring", 1) ORSetDword(*Z\SftHive, "Microsoft\Windows Defender\Real-Time Protection", "DisableAntiSpywareRealtimeProtection", 1) ORSetDword(*Z\SftHive, "Microsoft\Windows Defender", "DisableAntiSpyware", 1) ORSetDword(*Z\SftHive, "Microsoft\Windows Defender", "DisableAntiVirus", 1) If *Z\Build > 18300 ORSetDword(*Z\SftHive, "Microsoft\Windows Defender\Features", "TamperProtection", 0) EndIf If *Z\Build >= 22000 ORSetDword(*Z\SftHive, "Microsoft\Windows Defender\Real-Time Protection", "DpaDisabled", 1) ORSetString(*Z\SftHive, "Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpCmdRun.exe", "Debugger", "NUL") ORSetString(*Z\SftHive, "Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MsMpEng.exe", "Debugger", "NUL") ORSetString(*Z\SftHive, "Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smartscreen.exe", "Debugger", "NUL") ORSetDword(*Z\SysHive, "ControlSet001\Services\SecurityHealthService", "Start", 0) ORDeleteValue(*Z\SftHive, "Microsoft\Windows\CurrentVersion\Run", "SecurityHealth") EndIf EndIf
  20. Don't think there is a good way to remove defender. But WinNTSetup's tweak should completely disable it. This can be reversed later, it needed.
  21. Yes, there were some reports of this with Server 2022. I can't reproduce it and checking if a file exist, is the most basic feature. I could only assume something like an antivirus or filter driver that does interfere, but it does not happen if I install Server 2022 with WinNTSetup. The new system does not show any problem. The version display of wimlib and wimgapi will be removed, it just leads to wrong assumption and some people start updating them manually, what only causes problems.
  22. Yes, if you select a different boot drive, your local boot partition will not not be touched. For automation there are many command line options, see F1 - help.
  • Create New...